DOI 10.17586/0021-3454-2019-62-4-331-339
UDC 004.056.5
INFORMATION SECURITY OF AUTOMATED CONTROL SYSTEMS OF TECHNOLOGICAL PROCESSES
ITMO University, Department of Instrument-Making Technology ; Associate professor
A. M. Dergachev
ITMO University, Saint Petersburg, 197101, Russian Federation; associate professor
F. A. Zharov
ITMO University, Faculty of Software Engineering and Computer Systems;
D. S. Sadyrin
ITMO University, Faculty of Software Engineering and Computer Systems;
Read the full article
Abstract. The modern principles of automatic process control systems (ACS-TP) design are considered, as well as the systems software and hardware components. Specific features of dispatch system characteristics of different generations of the ACS-TP implementation are analyzed. A review of existing threats and vulnerabilities in the field of information security of ACS-TP is presented. It is shown that the recent increase in computing power of ACS-TP elements is accompanied by an increase in unauthorized access to them using the Internet. A new security threat introduced by implementation of the Internet of Things protocols when working with visual data is described. A classification of the main measures aimed at protecting the automated process control systems is given, examples of regulatory documents governing actions to ensure information security and examples of software and hardware products aimed at their implementation are presented.
Keywords: ACS-TP, information security, programmable logic controller, PLC, SCADA, internet of things
References:
References:
- Bezrodnyy K.P., Kul’tin I.V., Lebedev M.O. Transport Rossiyskoy Federatsii, 2009, no. S, pp. 24–26. (in Russ.)
- Rogov S.L. Informatizatsiya i Sistemy Upravleniya v Promyshlennosti, 2008, no. 2, pp. 15–21. (in Russ.)
- Zuyev K.I. Avtomatizatsiya sistem vodosnabzheniya i vodootvedeniya (Automation of Water Supply and Drainage Systems), Vladimir, 2016, 224 р. (in Russ.)
- Byvaikov M.E., Zharko E.F., Mengazetdinov N.E., Poletykin A.G., Prangishvili I.V., Promyslov V.G. Automation and Remote Control, 2006, no. 5(67), pp. 735–747.
- Mengazetdinov N.E., Poletykin A.G., Promyslov V.G., Zuyenkova I.N., Byvaykov M.E., Prokof’yev V.N., Kogan I.R., Korshunov A.S., Fel’dman M.E., Kol’tsov V.A. Kompleks rabot po sozdaniyu pervoy upravlyayushchey sistemy verkhnego blochnogo urovnya ASUTP dlya AES "Busher" na osnove otechestvennykh informatsionnykh tekhnologiy (The Complex of Works on the Creation of the First Control System of the Upper Block Level of the Automated Process Control System for Bushehr NPP Based on Domestic Information Technologies), Moscow, 2013, 95 р. (in Russ.)
- Bundesamt für Sicherheit in der Informationstechnik, Druck- und Verlagshaus Zarbock Frankfurt am Main 2014, Die Lage der IT-Sicherheit in Deutschland, 2014, S. 31.
- https://cys-centrum.com/ru/news/black_energy_2_3. (in Russ.)
- Mikhaylov D.M., Zhukov I.Yu., Sheremet I.A. Zashchita avtomatizirovannykh sistem ot informatsionno-tekhnologicheskikh vozdeystviy (Protection of Automated Systems from Information Technology Impacts), Moscow, 2014, 184 р. (in Russ.)
- Langner R. IEEE Security & Privacy, 2011, no. 3(9), pp. 49–51.
- Aref’yev A. S. Automation in Industry, 2015, no. 2, pp. 43–45. (in Russ.)
- Pishchik B.N. Computational Technologies, 2013, no. 18, pp. 170–175. (in Russ.)
- Symantec Security Response. W32.Duqu: The Precursor to the Next Stuxnet, http://www.symantec.com/ru/ru/outbreak/?id=stuxnet.
- Gostev А. The Flame: Questions and Answers. SECURELIST, http://www.securelist.com/en/ blog/208193522/The_Flame_Questions_and_Answers.
- Colbert E.J.M., Kott A. Cyber-security of SCADA and Other Industrial Control Systems, Springer International Publishing Switzerland, 2016, рр. 7.
- Evolyutsiya industrial’noy kiberbezopasnosti. Postroyeniye intellektual’nykh sistem obespecheniya zashchity ASU TP promyshlennykh predpriyatiy (The Evolution of Industrial Cybersecurity. Construction of Intelligent Systems to Ensure the Protection of Industrial Process Control Systems), Information Security, 2016, no. 1, pp. 17. (in Russ.)
- Polyakov V.A. Informatizatsiya i Sistemy Upravleniya v Promyshlennosti, 2015, no. 5, pp. 59. (in Russ.)
- https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/ICS-Security-2017-rus.pdf. (in Russ.)
- Smorodin G.S., Lysenko V.S., Manezhnov V.G. Molodoy uchenyy, 2016, no. 29, pp. 138–140. (in Russ.)
- Bor'ba za razrabotku PLK: vzglyad iznutri (Fight for PLC Development: an Inside View), Control Engineering Rossiya, 2014, no. 6(54), pp. 79–81. (in Russ.)
- Bychkov I.N., Glukhov V.I., Trushkin K.A. Informatizatsiya i Sistemy Upravleniya v Promyshlennosti, 2014, no. 1, pp. 49. (in Russ.)
- Zolotorev S.V. Informatizatsiya i Sistemy Upravleniya v Promyshlennosti, 2011, no. 2, pp. 32.
- https://ics-cert.kaspersky.ru/reports/2018/09/06/threat-landscape-for-industrial-automation-systems-h1-2018/#_Toc523499582. (in Russ.)
- https://securelist.ru/from-shamoon-to-stonedrill/30350/. (in Russ.)
- CRASHOVERRIDE Analyzing the Threat to Electric Grid Operations, https://dragos.com/wp-content/uploads/CrashOverride-01.pdf.
- https://ics-cert.kaspersky.ru/reports/2017/11/30/industrial-enterprise-and-iot-security-threats-forecast-for-2018/. (in Russ.)
- Maynor D. Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, Syngress, 2007, 350 p.
- Bodenheim R., Butts J., Dunlap S., Mullins B.E. Intern. J. of Critical Infrastructure Protection, 2014, no. 2(7), June, pp. 114–123.
- Thingful Blog, http://thingful/.
- Bigayeva D.B., Bigayev A.B. Herald of Science and Education, 2017, no. 7, pp. 31. (in Russ.)
- Nesterenko E.A., Kozlova A.S. Ekonomicheskaya bezopasnost’’ i kachestvo, 2018, no. 2, pp. 9–14. (in Russ.)
- Gostev A.A. Law and Cyber Security (Legal Issues of Communication), 2012, no. 1, pp. 66–71. (in Russ.)
- NERC Roster. North American Electric Reliability Corporation. 9 October 2015. рp. 44–65.
- Guidance for Addressing Cyber Security in the Chemical Industry, Version 3.0. ACC ChemITC Chemical Sector Cyber Security Program, May 2006.
- Nadezhdin Yu.M. Security and safety, 2014, no. 2, pp. 40. (in Russ.)
- Zaytsev A.S. Gaudeamus, 2014, no. 2, pp. 24. (in Russ.)
- Perspektivy vstraivayemykh tekhnologiy QNX: tekhnologii budushchego dlya real’nogo vremeni (Press-reliz) (QNX Embedded Technology Perspectives: Real-Time Future Technologies (Press Release)), Journal of Applied Informatics, 2010, no. 3, pp. 3–4. (in Russ.)
- Kiberbezopasnost’ promyshlennykh sistem. Praktikum po programme "Laboratorii Kasperskogo". Obuchit’ samoye uyazvimoye (Cybersecurity Industrial Systems. Workshop on the Program "Kaspersky Lab." Train the Most Vulnerable), Informatizatsiya i Sistemy Upravleniya v Promyshlennosti, 2018, no. 1, pp. 73. (in Russ.)
- http://www.kpda.ru/products/antivirus. (in Russ.)
- Chemodurov A.S., Karputina A.Yu. Konсept, 2015, no. 2, pp. 71–75, http://e-koncept.ru/2015/ 15039.htm. (in Russ.)
- http://www.kaspersky.ru/about/news/business/2016/KasperskyOS/. (in Russ.)
- Burenin P.V., Devyanin P.N., Lebedenko E.V. et al. Bezopasnost’ operatsionnoy sistemy spetsial’nogo naznacheniya Astra Linux Special (Edition Security of the Special-Purpose Operating System Astra Linux Special Edition), Moscow, 2016, 312 р. (in Russ.)
- https://www.cisco.com/assets/global/RU/pdfs/brochures/Podhod-Cisco-po-bezopasnosti-ASU-TP.pdf.
- Drobotun E.B. Teoreticheskiye osnovy postroyeniya sistem zashchity ot komp’yuternykh atak dlya avtomatizirovannykh sistem upravleniya (Theoretical Foundations of Building Systems for Protection against Computer Attacks for Automated Control Systems), St. Petersburg, 2017, 120 р. (in Russ.)